Sections

Personal tools

You are here: Home → wikidblog → Majority of LexisNexis breaches the result of stolen credentials

Recent entries: How to thwart laptop facial recognition systems admin Dec 08, 2008; Google research on Strong Authentication admin Dec 05, 2008; Checkfree Breach admin Dec 04, 2008; The Express Scripts Bounty admin Nov 14, 2008; Citrix on the need for two-factor authentication admin Nov 12, 2008

Recent comments: Re:TACACS+ - The good and the bad Nick Dec 26, 2008; Re:TACACS+ - The good and the bad Anonymous User Dec 25, 2008; Re:Student interest in WiKID Anonymous User Dec 14, 2008; Re:Running the WiKID Two-factor authentication server on Ubuntu remix_tj Nov 16, 2008; Re:Embedding WiKID two-factor authentication in your Web application admin Nov 11, 2008

2005/04/12

Majority of LexisNexis breaches the result of stolen credentials

As pointed out by Adam at Emergent Chaos:

The company said that the 59 identified incidents -- 57 at Seisint and two in other LexisNexis units -- largely related to the misappropriation by third parties of IDs and passwords of legitimate customers and stressed that neither LexisNexis nor the Seisint technology infrastructure was breached by hackers.

So, essentially, if LexisNexis had been using strong authentication for their customers, none of this would have happened.

I'm starting to think (well, have been for awhile) that the big market for strong authentication will be in customer access, not your typical VPN access as it is today. I predict that the number of customer two-factor authentication users will exceed the number of employee two-factor authentication users in two years.